#!/bin/bash

set -e

# Decrypt our private files; changes to this file should be inspected
# closely to ensure they do not create information leaks

eval key="\${encrypted_${1}_key}"
eval iv="\${encrypted_${1}_iv}"

if [ ! "$key" ]
then
  echo "No aes key present - skipping decryption"
  exit 0
fi

for i in .travis/*.enc
do
  u=$(echo $i | sed -e 's/.enc$//')
  openssl aes-256-cbc -K "$key" -iv "$iv" -in $i -out $u -d
done

if [ -f .travis/travis_rsa ]
then
  echo "ssh key present - loading to agent"
  # add key, then remove to prevent leaks
  chmod 600 .travis/travis_rsa
  ssh-add .travis/travis_rsa
  rm -f .travis/travis_rsa
  touch /tmp/ssh-key-loaded
else
  echo "No ssh key present - skipping agent start"
fi
